package com.xiaotu.security.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * @author Mr.zhang
 * @create 2021-11-21 13:05
 */
@Controller
public class LoginController {

//    @RequestMapping("login")
//    public String login(){
//        System.out.println("执行登录方法");
//        return "redirect:main.html";
//    }

    //@Secured({"ROLE_abc1"})
    //PreAuthorize的表达式允许ROLE_开头，也可不以ROLE_开头，配置类不允许ROLE_开头
    @PreAuthorize("hasRole('abc')")
    @RequestMapping("toMain")
    public String toMain() {
        return "redirect:main.html";
    }

    @RequestMapping("toError")
    public String toError() {
        return "redirect:error.html";
    }

    @GetMapping("demo")
    @ResponseBody
    public String demo() {
        return "demo";
    }

}
